Re: [Jwt-reg-review] Request to register claim: sig_val_claims

Brian Campbell <bcampbell@pingidentity.com> Fri, 14 January 2022 21:24 UTC

From: Brian Campbell <bcampbell@pingidentity.com>
Date: Fri, 14 Jan 2022 14:24:24 -0700
To: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
Cc: Stefan Santesson <stefan@aaa-sec.com>, "jwt-reg-review@ietf.org" <jwt-reg-review@ietf.org>, Russ Housley <housley@vigilsec.com>

Honestly, I can't really wrap my head around this kind of signature
indirection so I'll just say that I'm okay with the registration of the
claim name "sig_val_claims".

Because the document is defining this SVT, which is one particular kind of
JWT, I wonder if it'd be worthwhile to consider explicitly typing it, as
recommended in https://datatracker.ietf.org/doc/html/rfc8725#section-3.11,
with something like a "typ":"svt+jwt" header rather than the general and
kinda meaningless "typ":"jwt"?


On Wed, Jan 12, 2022 at 7:44 PM Mike Jones <Michael.Jones=
40microsoft.com@dmarc.ietf.org> wrote:

> I approve of the registration of this claim.
>
>                                 -- Mike
>
> -----Original Message-----
> From: Jwt-reg-review <jwt-reg-review-bounces@ietf.org> On Behalf Of
> Stefan Santesson
> Sent: Friday, September 3, 2021 8:33 AM
> To: jwt-reg-review@ietf.org
> Cc: Russ Housley <housley@vigilsec.com>
> Subject: [EXTERNAL] [Jwt-reg-review] Request to register claim:
> sig_val_claims
>
> Hi,
>
> The draft https://datatracker.ietf.org/doc/draft-santesson-svt/ is being
> requested for publication as an individual submission.
>
> This draft includes the request to register the claim name
> "sig_val_claims" as follows:
>
> 6.1.  Claim Names Registration
>
>
>    This section registers the "sig_val_claims" claim name in the IANA
>    "JSON Web Token Claims" registry established by Section 10.1 in
>    [RFC7519].
>
> 6.1.1.  Registry Contents
>
>    *  Claim Name: "sig_val_claims"
>    *  Claim Description: Signature Validation Token Claims
>    *  Change Controller: IESG
>    *  Specification Document(s): Section 3.2.3 of {this document}
>
>
> The draft specifies a Token having the form of a JWT which includes this
> defined claim.
>
> The rationale for this claim is described in the referenced document.
>
> The solution is deployed in real services and it is considered for
> national government usage which is the main reason to publish the
> specification as an informational RFC.
>
>
>
> /Stefan Santesson
>
>
> _______________________________________________
> Jwt-reg-review mailing list
> Jwt-reg-review@ietf.org
> https://www.ietf.org/mailman/listinfo/jwt-reg-review
>

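The explicit-typing check suggested in the message above (RFC 8725 section 3.11), as an added example that is not part of the thread or of the draft. The value "svt+jwt" is the one floated in the message and is an assumption here, not a registered media type; the sample tokens are constructed and carry a placeholder signature.

```python
import base64
import json

# Assumption: the type value floated in the message, not a registered media type.
EXPECTED_TYP = "svt+jwt"


def b64url_json(segment: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a JSON object."""
    padded = segment + "=" * (-len(segment) % 4)
    obj = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj


def normalize_typ(typ: str) -> str:
    """RFC 7515 section 4.1.9: 'application/' may be omitted when the value
    has no other '/'; media type names compare case-insensitively."""
    typ = typ.strip().lower()
    return typ if "/" in typ else "application/" + typ


def check_explicit_type(token: str, expected: str = EXPECTED_TYP) -> bool:
    """True only if the header 'typ' names the expected token type.
    This runs alongside signature validation, never instead of it."""
    parts = token.split(".")
    if len(parts) != 3:
        return False
    try:
        header = b64url_json(parts[0])
    except (ValueError, TypeError):
        return False
    typ = header.get("typ")
    if not isinstance(typ, str):
        return False  # a missing 'typ' is rejected, not treated as a match
    return normalize_typ(typ) == normalize_typ(expected)


def make_unsigned_sample(header: dict, claims: dict) -> str:
    """Constructed sample token with a placeholder signature, for header checks only."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(claims)}.c2ln"
```

A verifier that accepts only the specific type rejects a general-purpose JWT presented where an SVT is expected, even when both are signed by a key the verifier trusts.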